Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
File: B256D8FC479711F09A25BE59C4F9AE02.roa (raw, json)
Hash identifier: GxHO9vhkZZ6yMHc2121mln0db/uLLdFiDdhvsMD2Mh4=
Subject key identifier: 6B:D9:3D:8F:00:67:EA:6C:E2:87:5A:EB:BE:A0:F2:C7:A2:C8:0C:E2
Certificate issuer: /CN=A91C93EE/serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Certificate serial: 0D25
Authority key identifier: FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
Signing time: Sun 01 Mar 2026 15:59:04 +0000
ROA not before: Sun 22 Feb 2026 18:15:52 +0000
ROA not after: Sat 01 May 2027 00:00:00 +0000
asID: 138636
IP address blocks: 103.135.77.0/24 maxlen: 24
103.135.79.0/24 maxlen: 24
2404:76c0::/32 maxlen: 32
2404:76c0::/33 maxlen: 33
2404:76c0::/34 maxlen: 34
2404:76c0::/35 maxlen: 35
2404:76c0::/36 maxlen: 36
2404:76c0::/40 maxlen: 48
2404:76c0:1000::/36 maxlen: 36
2404:76c0:2000::/35 maxlen: 35
2404:76c0:2000::/36 maxlen: 36
2404:76c0:3000::/36 maxlen: 36
2404:76c0:4000::/34 maxlen: 34
2404:76c0:4000::/35 maxlen: 35
2404:76c0:4000::/36 maxlen: 36
2404:76c0:5000::/36 maxlen: 36
2404:76c0:6000::/35 maxlen: 35
2404:76c0:6000::/36 maxlen: 36
2404:76c0:7000::/36 maxlen: 36
2404:76c0:8000::/33 maxlen: 33
2404:76c0:8000::/34 maxlen: 34
2404:76c0:8000::/35 maxlen: 35
2404:76c0:8000::/36 maxlen: 36
2404:76c0:9000::/36 maxlen: 36
2404:76c0:a000::/35 maxlen: 35
2404:76c0:a000::/36 maxlen: 36
2404:76c0:a000::/37 maxlen: 40
2404:76c0:b000::/36 maxlen: 36
2404:76c0:c000::/34 maxlen: 34
2404:76c0:c000::/35 maxlen: 35
2404:76c0:c000::/36 maxlen: 36
2404:76c0:d000::/36 maxlen: 36
2404:76c0:e000::/35 maxlen: 35
2404:76c0:e000::/36 maxlen: 36
2404:76c0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.crl
rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Mon 09 Mar 2026 01:37:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 3365 (0xd25)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91C93EE, serialNumber=FC56E7E076F7FD0A84BECC9C3E229142A0901FEC
Validity
Not Before: Feb 22 18:15:52 2026 GMT
Not After : May 1 00:00:00 2027 GMT
Subject: CN=69a46247-4202
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:92:5c:bd:d3:36:8a:a5:c9:2f:5b:2e:e0:a2:
a3:e1:b8:c0:47:c2:31:60:2c:25:17:18:88:72:be:
38:04:48:12:89:6b:ee:69:d8:ce:75:04:b4:5c:a9:
d1:34:41:65:e7:b5:c0:c8:fe:85:9c:bd:89:31:ab:
58:77:ea:a3:7b:59:d2:58:c9:ff:83:1b:c8:66:9a:
d3:73:dd:db:7c:40:e1:90:7a:84:98:cb:2a:ff:43:
c3:f4:08:c8:6a:18:d5:76:8d:c5:94:0a:55:c7:5b:
cf:56:5a:60:51:ea:3b:70:dc:ab:9f:33:b9:b7:f9:
0d:03:14:f8:73:71:d2:c9:91:3b:34:74:36:54:ab:
ee:c8:69:e2:dd:48:e9:f8:08:95:e8:e1:40:8c:85:
6e:6f:f1:5f:67:61:ba:67:b1:d9:f4:2b:90:a4:bd:
c8:67:0e:b0:d5:20:dd:9f:37:81:06:bf:6e:45:df:
7c:c3:3d:83:33:f2:b8:c2:fd:b2:89:3e:72:26:ac:
d2:b6:7f:7d:f8:9e:db:58:ef:29:b4:9a:39:98:9c:
0b:c6:a6:6d:1e:7d:b8:9c:72:d1:a6:af:06:8b:02:
81:6e:cd:60:86:7d:61:71:f9:66:ba:3c:e9:76:4d:
93:ed:b9:72:78:5f:fb:c9:a7:c0:d0:d5:77:b9:f4:
fd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D9:3D:8F:00:67:EA:6C:E2:87:5A:EB:BE:A0:F2:C7:A2:C8:0C:E2
X509v3 Authority Key Identifier:
keyid:FC:56:E7:E0:76:F7:FD:0A:84:BE:CC:9C:3E:22:91:42:A0:90:1F:EC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_Fbn4Hb3_QqEvsycPiKRQqCQH-w.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C93EE/6858F6880E0211EAA9B1DB65C4F9AE02/B256D8FC479711F09A25BE59C4F9AE02.roa
sbgp-ipAddrBlock: critical
IPv4:
103.135.77.0/24
103.135.79.0/24
IPv6:
2404:76c0::/32
Signature Algorithm: sha256WithRSAEncryption
2d:a1:bc:cf:ed:4e:85:30:1e:1e:09:f3:48:12:f7:17:f1:f1:
cc:ba:03:78:6e:fe:57:d5:b7:ed:b4:8f:e9:d4:be:8f:8d:18:
0a:45:03:d9:c2:ea:0e:61:52:bd:91:5d:45:c7:84:c2:8f:d9:
00:f7:a3:07:89:28:dc:c3:28:96:2e:6a:fc:f3:58:9a:3f:fa:
27:38:32:d3:81:e6:cf:8e:97:c9:33:11:4f:2e:1e:af:60:ca:
47:a0:10:f1:14:65:43:78:02:cf:e5:04:27:a2:07:8a:34:c7:
b4:78:70:32:be:1b:08:91:2b:c5:8e:8c:b9:ca:32:e6:ba:99:
9b:d5:f8:78:c4:52:6e:f1:26:ad:a9:ce:4b:e0:69:59:a5:b8:
45:63:b5:a6:08:d8:55:a2:b9:1c:db:5a:fc:39:7a:6b:6c:94:
96:71:b1:88:1b:b1:8b:99:20:4e:ac:bc:41:a1:b0:de:c0:0d:
2a:a3:30:e6:3e:f4:cf:5e:94:4c:8f:ed:4b:e1:ec:60:c9:fe:
d3:46:a3:3a:d6:1c:f5:9e:66:40:b4:b2:6c:ca:09:91:fc:ec:
ad:d5:6c:f8:12:c4:ac:3b:86:e9:35:88:a1:7f:52:40:fa:fd:
9e:b6:69:d8:fa:4e:17:a2:67:ec:cf:f9:11:02:f0:e3:8b:6b:
8b:02:cc:b8
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgICDSUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
QzkzRUUxMTAvBgNVBAUTKEZDNTZFN0UwNzZGN0ZEMEE4NEJFQ0M5QzNFMjI5MTQy
QTA5MDFGRUMwHhcNMjYwMjIyMTgxNTUyWhcNMjcwNTAxMDAwMDAwWjAYMRYwFAYD
VQQDEw02OWE0NjI0Ny00MjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAvpJcvdM2iqXJL1su4KKj4bjAR8IxYCwlFxiIcr44BEgSiWvuadjOdQS0XKnR
NEFl57XAyP6FnL2JMatYd+qje1nSWMn/gxvIZprTc93bfEDhkHqEmMsq/0PD9AjI
ahjVdo3FlApVx1vPVlpgUeo7cNyrnzO5t/kNAxT4c3HSyZE7NHQ2VKvuyGni3Ujp
+AiV6OFAjIVub/FfZ2G6Z7HZ9CuQpL3IZw6w1SDdnzeBBr9uRd98wz2DM/K4wv2y
iT5yJqzStn99+J7bWO8ptJo5mJwLxqZtHn24nHLRpq8GiwKBbs1ghn1hcflmujzp
dk2T7blyeF/7yafA0NV3ufT9DwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFGvZPY8A
Z+ps4oda676g8seiyAziMB8GA1UdIwQYMBaAFPxW5+B29/0KhL7MnD4ikUKgkB/s
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOTNFRS82ODU4RjY4ODBF
MDIxMUVBQTlCMURCNjVDNEY5QUUwMi9fRmJuNEhiM19RcUV2c3ljUGlLUlFxQ1FI
LXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL19GYm40SGIzX1FxRXZzeWNQaUtSUXFDUUgtdy5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
QzkzRUUvNjg1OEY2ODgwRTAyMTFFQUE5QjFEQjY1QzRGOUFFMDIvQjI1NkQ4RkM0
Nzk3MTFGMDlBMjVCRTU5QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS
BAIAATAMAwQAZ4dNAwQAZ4dPMA0EAgACMAcDBQAkBHbAMA0GCSqGSIb3DQEBCwUA
A4IBAQAtobzP7U6FMB4eCfNIEvcX8fHMugN4bv5X1bfttI/p1L6PjRgKRQPZwuoO
YVK9kV1Fx4TCj9kA96MHiSjcwyiWLmr881iaP/onODLTgebPjpfJMxFPLh6vYMpH
oBDxFGVDeALP5QQnogeKNMe0eHAyvhsIkSvFjoy5yjLmupmb1fh4xFJu8Satqc5L
4GlZpbhFY7WmCNhVorkc21r8OXprbJSWcbGIG7GLmSBOrLxBobDewA0qozDmPvTP
XpRMj+1L4exgyf7TRqM61hz1nmZAtLJsygmR/Oyt1Wz4EsSsO4bpNYihf1JA+v2e
tmnY+k4Xomfsz/kRAvDji2uLAsy4
-----END CERTIFICATE-----
Generated at Mon Mar 2 03:59:34 2026 by rpki-client